Trezor: The Bitcoin Safe

Bitcoin is a novel and innovative platform for making digital money transactions over the internet, and it’s cleverly designed to be remarkably secure. Nevertheless, its procedures are still not easy to grasp for the average person, thus restraining its use to a very specific niche of users.

Many companies have attempted to close such gap by providing simple and intuitive cloud-based wallet services. As a result, they’ve successfully managed to put Bitcoin at the reach of the average non tech-savvy user; but they’ve also opened a significant breach in matter of security: online services are responsible for managing your private keys. That is, anyone who gains access to the server’s database might be able to spend your bitcoins.

One way to circumvent this issue is managing your own private keys by installing a wallet software in your local computer. However, even then you are still vulnerable to hacking attacks. If your computer gets compromised, so are your bitcoins.

…This is where Trezor comes in.

Trezor hardware wallet

Trezor is a bitcoin hardware wallet produced by the Czech company SatoshiLabs. It’s a very small and sturdy hardware device, specially manufactured to secure your private keys and sign transactions offline. Even if your local computer is compromised, Trezor guarantees that your bitcoins are safe.￼

In fact, “trezor” is a slavic word that means “safe”, as in a safe vault. And given the tight security mechanisms Trezor provides, it seems to be living up to its name.

For a price of $99 you can order a Trezor from the official website. It comes in 3 colors: white, grey and black.

Security Features

As in most hardware wallets, private keys never go out of the device and cannot be affected by malware. All transaction signing occurs in the Trezor itself.

Trezor uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32/BIP44). A recovery seed is generated when the device is initialized. In case of loss or theft, the wallet can be recovered using the backup seed with a new device or another BIP39/BIP44 compatible wallet.

In order to sign transactions, a PIN is needed. This PIN is set when you first run Trezor, and the application features a very clever and secure way to introduce it.￼

The interface displays a grid of un-numbered tiles, meanwhile the device generates a random matrix of numbers which must be matched with the blank tiles by clicking and selecting the digits corresponding to the PIN. This ensures there’s no way for a hacker or keylogger software to steal your PIN.

All operations on Trezor require the user to enter a PIN. In case of theft, the attacker would have to guess your PIN, and with each wrong attempt the time for retrying increases exponentially. For example, trying 30 PINs would take around 17 years, making it very impractical to brute-force.

Also, a passphrase can be set on top of the PIN. In fact, multiple passphrases can be used to encrypt your wallet, that means you can set up decoy accounts with a few bits aside from your real account. This is a manner to protect yourself from the infamous $5 wrench attack.

Using the Trezor

Trezor works with any computer having a USB port and internet connection. However, it requires installing a “Trezor bridge” in order to connect to myTrezor.com wallet. It’s also possible to install a Chrome extension or integrate with existing wallets such as Electrum, MultiBit or Mycelium.

A complete list of supported wallets and services can be found at the official documentation page.

Setting it up

The first time Trezor is plugged in, you must “label” it by introducing a name for your device. This is just for customization purposes. Then a list of secret words is generated; this is the mnemonic seed that you will use to recover your money in case you ever lose your Trezor. You should write this list down and keep it in a very safe place.

￼Now your Trezor is ready to send and receive bitcoins.

Receiving payments

In order to receive a payment, select the “Receive” tab and copy the address shown. More addresses can be generated if you desire so.

By clicking on the “eye” icon, you can display the address on the Trezor device. This is a way to protect yourself from phishing attempts aimed at replacing your true receiving address.￼

When someone effectively makes a payment to one of your addresses, you will see an incoming transaction appear in the transactions pane.

The transaction still appears as “unconfirmed”. After the network validates it, you’ll have successfully received your bitcoins, which are now securely protected by Trezor.

Making payments

In order to make payments, just press the “Send” tab, and introduce a valid bitcoin address. You can also scan a QR with your webcam.

￼After specifying the amount to be sent, click send, enter your PIN, and confirm the transaction with your Trezor device.

￼After successfully confirming, your transaction is broadcasted to the network in order to be confirmed. It should now appear in the transactions pane.

As you can see, receiving and sending bitcoins is extremely easy, yet very secure, since your private keys are always protected by Trezor. There’s no way for it to be hacked, and in case of losing your device, you can always restore your wallet by using the mnemonic recovery seed.

Why Trezor?

As far as the competition goes, there are some viable options outside of Trezor. However, dollar for dollar, Trezor provides the most secure experience for the user. Some experts prefer another top competitor, Case. In comparison, however, Trezor provides very similar security for $100 less, making it the obvious choice.

Pros

Private keys are never exposed.

Innovative way to introduce PIN protects you from keyloggers and other possible malware.

Portable and durable device.

Screen displays all relevant information and allows visual confirmation in order to avoid phishing attacks.

Open source firmware.

Cons

Original USB cable is often reported not functioning properly. Using a different cable is recommended.

Conclusion

Trezor is surely an elegant and secure device for users that want to store their bitcoins in a safe way without sacrificing practicality. It can be connected to mobile phones, and there are plans to integrate trezor login into WordPress, slush pool in addition to adding multisig wallet support to Copay and CoinKite. In due course of time, we’ll surely see much more platforms and third-party wallets supported by Trezor, thus widening its potential.In matter of security, it surely acts as a tight bitcoin vault, made to safely store bitcoins in the long-term., Trezor is by far, the most popular bitcoin hardware wallet, which shows that the community is quite satisfied with it. We’re looking forward to see its future improvements.